Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
4 replies to this topic

#1 dave_unreal


  • Members
  • 30 posts
  • Local time:11:39 PM

Posted 24 March 2007 - 03:20 PM

I'm guessing lzx32.sys is some kind of malware?

My laptop jumps to a blue screen about 1 minute after switching it on.

A get a message 'A problem has been detected and windows has been shut down to prevent damage to your computer.'

The technical information says:

*** STOP: 0x0000008E (0xc0000005, 0xAA7885B3, 0xA93DOA20, 0x00000000)

*** lzx32.sys - address AA7885B3 base at AA786000, dtestamp 45f5a5a0

The laptop doesn't have hijack this installed and I can't get it to work long enough to install it.

Any help or advice would be much appreciated.

BC AdBot (Login to Remove)



#2 buddy215


  • BC Advisor
  • 12,752 posts
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:39 PM

Posted 24 March 2007 - 03:49 PM


Can you get into safemode? What antimalware programs do you have installed and updated on your computer?

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 disfunctionl


  • Members
  • 6 posts
  • Local time:11:39 PM

Posted 24 March 2007 - 03:52 PM

Lzx32.sys is a file associated with the Rustock.B Trojan.
You can reference this bleepingcomputer post BleepingComputer.com/Security/HJT Logs to aid in cleaning it off using http://www.uploads.ejvindh.net/rustbfix.exe or http://uploads.ejvindh.andymanchesta.com/Rustbfix.exe.

Since you are unable to get into Windows normally without a blue screen, you'll need to download these files on a seperate computer, and burn them to a CD or save them to some other type of media. Then, try to log into your laptop in Safe Mode.

Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

If you aren't able to log into Safe Mode then post here so people can give you other suggestions on things to try.

If you are, then run the fix programs while in safe mode, then restart your computer and see if that stops the blue screen problem. Afterwards I would suggest running HighJack This and posting the log in case you have anything else that needs to be cleaned off.

#4 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 50,735 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:39 AM

Posted 25 March 2007 - 07:26 AM

I have split your HJT log away from this thread and moved it into the HJT forum.

You can find it here: http://www.bleepingcomputer.com/forums/t/86022/lzx32sys/

Now that your log is posted there, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files on your own, etc.) unless advised by a HJT Team member. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make may cause confusion for the member assisting you and complicate the malware removal process.

Please be patient and wait for a response from an HJT Team member. It may take a while to get a response because team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. While waiting, please DO NOT make another reply to your log until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have no replies as this makes it easier for them to identify those who have not been helped. If you post another response, a team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 disfunctionl


  • Members
  • 6 posts
  • Local time:11:39 PM

Posted 25 March 2007 - 12:55 PM

I'm glad to hear the RustBfix worked for that part of your problem. The HJT team will now be able to help you clean off anything else that might still be on your computer. Good luck to you.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users